- Security TWENTY
- Women in Security Awards
Information security: From business barrier to business enabler’ is a report by Infosecurity Europe, ahead of the annual exhibition in London. Reed its organisers call the report a snapshot of the industry landscape and the challenges it is facing.
Having surveyed 1,149 information security professionals from across the world, Infosecurity Europe’s report highlights the increasing importance of information security to business strategy – from the effect of Edward Snowden’s NSA leaks and the impact of big data, to the demand for boardroom education and the need to develop a long-term strategy to combat evolving threats. Historically viewed as an obstacle to business, information security is gradually being recognised as a business enabler, it is claimed.
The report also suggests that more effective collaboration between government and the information security industry is crucial to protecting organisations from future cyber threats. More work needs to be done to strengthen government’s position as a source of information on potential threats: only 4.8 per cent of information security professionals selected the government as their most trusted source for intelligence.
Brian Honan, founder and CEO, BH Consulting, is among those due to speak at Infosecurity Europe 2014. He said: “This is something that needs to be addressed urgently,” said . “Without better collaboration between industry and governments we are at a disadvantage against our adversaries. As threats and the capabilities of those looking to breach our systems evolve we need to jointly respond better in how we proactively deal with the threat. We need industry and government to work together in ensuring a strategic approach is taken to enabling companies and citizens to be more aware of the threats to their data, to educate them in how to deal with the threat, and finally how to work together at national and international level to tackle the threats we face.”
Data security is being pushed up the agenda according to the survey, possibly catalysed by the Snowden revelations in June last year. The US-NSA exposé has triggered action, with 58.6pc believing the Snowden affair has been positive in making their business understand potential threats. Despite this, it’s clear boardroom recognition needs to improve, as 46.7pc feel it has not been easier to make their business understand the challenges they face as a result of the leaks.
While, on the whole, the industry is coping with the deluge of data they receive, 30.5pc of information security professionals feel their organisation isn’t able to make effective strategic decisions based on that data. Considering the majority have seen this volume of data increase over the past 12 months, adopting a future-proof approach to information security is going to become increasingly important. Near half, 47.4pc believe the industry has a short-termist approach, lurching from one threat to another.
David Cass, Senior Vice President & Chief Information Security Officer at publishers Elsevier, is another speaker at Infosecurity Europe 2014. He said: “The way information security is perceived is changing, and events such as the Edward Snowden affair have taught both government and industry several valuable lessons,” said . “Threats to security and privacy occur from outside and inside organisations. The complexity of today’s threat landscape is beyond the capability of any one company or country to successfully counter on their own. Experience shows there’s clearly more work to be done until businesses understand the importance of information security to long-term strategy. This challenge, combined with the groundswell of data, supports the need for immediate change. Part of this change requires better sharing of information between government and industry.”
The full report, ‘Information security: From business barrier to business enabler’, is available to download: www.infosec.co.uk/Industry-Survey-Report14
About the event
Infosecurity Europe 2014 will run from 9.30am at Earls Court, London from Tuesday, April 29 to May 1.
Joe Goldberg Chief Security Evangelist at Splunk, said: “Collecting massive amounts of data is needed to detect advanced threats which are not signature-based and evade detection from traditional security products. This because an unavoidable characteristic of an advanced threat is that it does things that are abnormal and deviate from the baseline of what would be expected for the average user. So if you can detect these abnormalities, you can identify the advanced threats. To spot these outliers, you need a way of aggregating all the machine data and log files generated by your IT infrastructure. It is critical that this includes “non-security” sources like Windows event logs, DNS, web logs, and email logs, where the minute fingerprints of advanced threats usually are. All of this data could add up to terabytes a day and can overwhelm traditional security approaches.
“But before you wave the white flag in the face of advanced threats and the risk of drowning in the deluge of all this machine data, there is a solution. Big data security platforms have emerged as a new weapon for forward-thinking organisations to detect advanced threats. These platforms leverage schema-less data stores and distributed search for fast real-time searches, and use statistics, maths and baselining to spot anomalies and deviations across terabytes of data. There is no magical shortlist of what an advanced threat looks like, as it will vary for each organization and the threats they face. One example threat pattern that represents a spear-phising attack is an employee receiving an email from a sender domain that has rarely emailed the organization, followed by the employee visiting a website that is rarely visited by anyone in the organization, followed by a rarely seen service or process starting on the employee’s laptop. This pattern could indicate the employee has received a spear phishing email, clicked on a link in the email to a website with custom malware, and the malware then installed on the employee’s laptop.”